Popular ideas - Ubuntu brainstorm

Ubuntu QA:

Blog

Brainstorm

Package status

The Ubuntu community has contributed 21986 ideas, 135057 comments, 2615221 votes

All more
Projects more
Security more
- Accessibility
- Documentation
- Education
- Gaming
- Graphics
- Hardware support
- Installation
- Internet & Networking
- Look and Feel
- Marketing
- Multimedia
- Office
- Programming
- Quality
- Security
- Server
- System
- Usability
- Others

Idea sandbox

Popular ideas

Ideas in development

Implemented ideas

Here are the most popular ideas ever about Ubuntu.

Make so other people cant access your home directory

No information about this blueprint
Information is updated every 5 minutes.
Please wait till the next update.

Written by Eldmannen the 30 Mar 08 at 16:57. Global category: Security. New

I created a new Guest account, then I stripped it of all user privileges.

Then I found out, that it could access all MY private data files in MY home directory.

Please fix it so that other users cannot read the home directories of other people. This is a breech of privacy.

657
votes

11
votes

Solution #2: Create a separate shared folder all users can access with read-write permissions

Written by aysiu the 22 Jul 09 at 21:45.

Right now, users have /home/username as 644, so anyone can read files in the directory but not write to files there. Pretty useless.

It'd be better if /home/username was 600, restricting both read and write access, and then if another directory like /home/shared were 660 or 666 so users could truly share files they wanted to share (e.g., co-authored documents, music or photo collections).

2
votes

Solution #3: Create a "Private" folder inside each user's home to respect privacy

Written by arashbm the 18 Mar 11 at 18:27.

Restricting home folder read access to other users (includes system users like daemon, bin, sys, lp, gdm, mysql and so on) is not a good idea. It will cause several problems that will just make it more complicated.

I think it'd be better if Ubuntu would create a "Private" folder by default in each home folder so privacy would be respected. Also it will not be a fundamental change so less bug will be created compared to other solutions.

See the 46 comments or propose a solution >>

Never lose focus while typing a password

Written by pabix the 18 Jan 09 at 21:42. Global category: Security. New

It may have happened to you. You're typing a password in a web page, and suddenly, a window pops up, with a text field inside it, and since you did not notice it at once, you password displays in clear in the other window.

640
votes

-195
votes

Solution #2: Lock Enter key for some seconds in newly popped up windows

Written by marvo the 19 Jan 09 at 08:45.

The unwanted visibility of passwords is only one annoyance in foreground-catching windows. Much worse is in my opinion that some of them require some input and do have their focus already set to the "ok" button. More then once I have "confirmed" some pop-up-messages while typing a text in my browser or word processor. It would be very helpful if the ok-button of a pop-up-box was inactive at least for some seconds.

156
votes

160
votes

70
votes

-60
votes

157
votes

Solution #7: Have ability to set system wide how to deal with stolen focus

Written by grofaty the 7 Feb 09 at 18:13.

Like #4, but have ability to set how you would like to deal with stolen focus.

For system wide options should be:
1. Allow stolen focus (like now)
2. Double blink program in task bar
3. Set notification.
4. Don't bother me at all.

Windows XP has this solution already implemented by installing "Tweak UI" official Windows program. Read more at: http://mycvs.org/archives/2004/11/16/applications-stealing-focus-on-windows-xp

7
votes

34
votes

Solution #9: Provide a flexible option in compiz

Written by aadityabhatia the 9 Feb 09 at 22:44.

This depends on the context. Let's say you're browsing files in Nautilus (an application), and you double click a file. In this case you might prefer not to have the new window opened in the background (which happens sometimes).

Provide it as an OPTION in compiz (try ccsm), that is capable of providing this feature based on window name or class. Setting could be tailored the way user wants, and would stay out of the way of those who don't care.

-47
votes

Solution #10: Request to click before prompting

Written by Lachu the 6 Feb 10 at 15:03.

Password fields should request to click special widget, with lock whole X Server onto password field and exit widget.

User ought to input password, before click onto that button! There no way to exit from this field without clicking button again.

Behavior of enter key/arrows could be: give focus to exit button.

Below password prompt, some helping messages should appear, like press exit key to accept prompting password.

See the 13 comments or propose a solution >>

Ask for application restart after security update

Written by xfuser4 the 21 Aug 09 at 06:16. Related project: Update manager. New

There are sometimes very critical security updates for applications (like the last Pidign-Update).

Unfortunately the Update Manager doesn't inform the user, that the update is only effective, if the application is restarted after it.

Since suspend-2-ram works for now on many computers, some applications are only seldom restarted (e.g. Pidgin may run for several weeks).

In the case of pidgin this is even a security risk, since an application with a security leak might run for several weeks until the last security fixes will apply.

620
votes

-151
votes

Solution #2: Updater proposes auto-restart and restore of affected apps

Written by germclown the 24 Aug 09 at 05:30.

If 1 or more critical updates have been installed, we are offered a checklist of all apps that will benefit from a restart. The dialogue makes clear that all listed apps will benefit from a restart (and maybe how) and that all checked apps will be automatically restarted with an attempt made to return the app to its previous state (subject to security or other important concerns). Examples: Transmission torrents return to their individual active/paused status, Pidgin either remains unlogged or autologs the last user, active OpenOffice docs are reopened.

Updater preferences allow the user to choose which update types appear on the checklist: "security", "bug fix", "new feature"

-95
votes

Solution #3: Only Prompt for application restart if X time elapsed since update.

Written by lavinog the 31 Aug 09 at 17:07.

Annoying users with restart notices can deter users from updating in a timely manner.
To avoid displaying excessive restart prompts, the prompts should be displayed after a preset time if the application hasn't been restarted since the update.
User A was only going to be using pidgin for 20 minutes, he shouldn't be interrupted by a dialog asking him to put his conversation on hold for a restart.
User B performs updates, but leaves his computer idle for a couple of hours. When he comes back to his computer, he will see a dialog box explaining that the recent security update wont take affect until the application is restarted.

59
votes

26
votes

28
votes

59
votes

Solution #7: #5 but with more details

Written by kritzikratzi the 14 Oct 09 at 13:56.

like #5, but when the "restart-indicator" is clicked it folds down to a list, the top entry saying
"some of your applications received important updates, but need to be restarted before these can take effect".

after that a list of applications in question and a "restart all" item follow.

if the user clicks on one of the apps it is restartet and disappears from the list.
if an app was manually restartet (by the user) it also disappears from the list.
if there are no more apps left the restart-indicator should close by itself.

sometimes system components receive updates which will only take effect after a full reboot. this can be incorporated by adding an item to the very bottom that says "In fact there are some udpates which require to restart the entire operating system. Restart now! "

See the 8 comments or propose a solution >>

Protect Ubuntu-users privacy from curious governments

Written by nandersson the 5 Sep 08 at 11:10. Related project: ubuntu.com. New

In Sweden, as well as in the US, as far as I understood there are now new legislation coming up that seriously compromises the privacy of the users.

In Sweden we have two very worrying laws coming up.

1. The "FRA-law" that gives the Swedish security police the right to wiretapp and datamine ALL international data traveling through Sweden.
2. The "Logging-law". Telco operators will be obliged to collect all information about their users whereabouts and keep that information for a year.

We have to work towards the aim: Security by default - and I'm not talking about the system, but to protect our datastreams from being wiretapped.

Me personally think that PKI is the solution to use here whereever possible. IF a session to/from a Ubuntu-system could be read in clear text the user/administrator should be aware of it.

Postfix is important here, Dovecot as well - all emails should be send over encrypted channels by default.

Mark Shuttleworth with his huge knowledge in Digital Certificates (He sold Thawte remember) would be of great help here.

I would like to see Mark Shuttleworth and Ubuntu leverage an infrastructure and create services to provide their community with a good, PKI-based solution.

Privacy matters

Sincerely
Niklas Andersson, Swedish TechWorld Open Source

Edit 1: I've made a proposition of a real-world-implementation of a very viable way to solve the email issue at a user-level.

[....]

490
votes

See the 20 comments or propose a solution >>

New users often choose insecure passwords.

Written by ml2 the 24 Jan 09 at 15:58. Related project: Live CD installer. New

Currently, there is no way of knowing how secure a password is. This often leads to users making insecure passwords, which is a risk to security.

432
votes

84
votes

Solution #2: Implement Solution #1 but add to it

Written by gargouille the 30 Jan 09 at 02:55.

Solution #1 is an excellent idea. I think this could be expanded to have options for a password policy. These options could be available in System > Administration > Users and Groups. Check box options: (require uppercase & lowercase letters, require combination of numeric and alpha). A drop down box could also be added for the required minimum password size.

See the 9 comments or propose a solution >>

Password strength

Written by fordplay the 25 Mar 08 at 12:38. Related project: Gnome. New

Warn users if they try to use a weak password. In the style of google account creation.

I originally thought that this would be good for the users login password. However, possibly this could be implemented for all passwords system wide.

Developer comments

With our automatic installation of wordlists through language-support this is actually feasible with cracklib. In the installer environment we don't have localized wordlists, but even with just the English one, cracklib is pretty useful and it does some statistical tests (independent from wordlists), too.

Also, the existing checks in PAM could probably do with an overhaul (IIRC they complain if you use a password with less than 6 characters or so, but they do not do any entropy testing, like usage of special chars, etc.)

359
votes

See the 8 comments or propose a solution >>

Encrypted home directory GUI tool is needed

Written by Beach Ball the 7 Dec 09 at 04:21. Global category: Security. New

Ubuntu 9.10 has an awesome means of setting up an encrypted home directory during a first time install, however, users who decide later on to implement an encrypted home directory must resort to learning command-line instructions. Furthermore, the 9.10 installer only gives you the option to setup a single account during install with the option to encrypt, any users added later on must be done from the command-line if an encrypted home directory is desired.

348
votes

Solution #1: Option to encrypt home directory when adding new user through graphical tool

Written by Beach Ball the 7 Dec 09 at 04:21.

There are really two things I think need to be done.

First, Ubuntu provides a simple, intuitive, graphical tool under System -> Administration -> Users and Groups for adding new user accounts. After clicking the option to "Add User", a window appears with a tab called "Account". In the "Account" tab there are options for setting a password. I think there should also be an option to "Encrypt home directory". This way a user can create new user accounts with the home directory encrypted without having to drop to the command line.

281
votes

Solution #2: Provide graphical tool for managing the encryption of existing home directories

Written by Beach Ball the 7 Dec 09 at 04:37.

Some users may decide they need to switch on/off the use of encryption for their home directory. That is, they may not have enabled encryption to begin with, but now need it; or, they may have it enabled, but now decide they don't want it.

Enabling encryption during a fresh install is easy for a single account, but turning it on later means sending the user to the command line. Same with disabling it later on.

I suggest the ability to switch on/off encryption for one's home directory be an option in the "User and Groups" program for the properties of the account in question (that is, System -> Administration -> Users and Groups -> Properties).

I would have a check box under the existing "Don't ask for password on login" option that says "Encrypt home directory". Checking the box would encrypt the user's home directory while un-checking the box would turn it off (that is, decrypt the contents).

Also, I would require the password of that account to be entered in order for either change to take effect. That way someone with sudo privileges can't toggle encryption on/off for user accounts without knowing their passwords.

94
votes

Solution #3: Provide an encryption key master/policy enforcement tool

Written by Beach Ball the 7 Dec 09 at 04:57.

Encryption isn't just important to end-users, but it is important to businesses, too. Especially if they have to comply with mandated data security policies, such as the Sarbanes-Oxley Act (see http://www.soxlaw.com/), for which they have no say in the matter.

If Ubuntu is going to make inroads into these kinds of enterprise markets, there needs to be a management tool to ensure that an employee cannot encrypt their home directory without providing a means for another user (e.g., the primary sys admin for the company) to decrypt it (and yes, I know, a rogue user could always just use something like TrueCrypt, but this about meeting data security policy requirements).

Also, there needs to be a method for enforcing encrypted home directories.

I don't think either of these functions fits into the "Users and Groups" management application. So, maybe this is something best suited for integration into policykit?

Of course, such a tool should be protected in such a way that a user with local root privileges couldn't use it to gain access to the encrypted contents of other users on the system unless it is a key-master account.

69
votes

Solution #4: Not only to 'Home' folder....

Written by DrG the 10 Dec 09 at 08:58.

Another idea .---->
A better way is to implement an 'Encryption' option to the 'Permissions' tab (of the Properties Dialogue of files , directories and disks) , which encrypts
files , directories or disks with a password entered by the user ( or the login password - which should not ask password , for decryption , once the specific user logs in , as per choice), and encrypts the item , according to the algorithm selected by the user.

######
In karmic , home directory encryption is achieved through Cryptsetup . A tutorial is here http://gentoo-blog.de/ubuntu/encrypted-home-and-swap-partition-on-ubuntu-9-10-k armic/
####

#-------------------
The Rationale , to a much less extent , can be achieved through nautilus.-->
Right click the desired directory, select 'Properties' , choose 'Permissions' tab ; set Permissions of 'Group' and 'Others' to 'None'(set the Owner as the user ) .( The drawback is that 'root' will be still able to access the content , so as other users with 'gksu nautilus' - so don't rely much on this until tracked ) .

84
votes

-27
votes

Solution #6: Don't encrypt home folder but only parts of it and make key locations clearer

Written by natschil the 20 Dec 09 at 19:11.

Currently, the whole home folder is encrypted, which is suboptimal for people, who want to keep private data but also run a lot of io operations, such as compiling software. Furthermore, keys are kept not only in /home, but also somewhere in /var, iirc, which is a pain if your system crashes and you try to mount the encrypted home directores. Therefore I think it would be more practical to have only part of the home folder encrypted.

8
votes

Solution #7: Provide GUI with automated processes

Written by PaddyLandau the 8 Feb 10 at 10:31.

Provide a simple, straightforward GUI that has a few basic steps. This would handle all the requirements for the average user. Expert users would still be free to use terminal to perform fancier functions.

I would envisage that the GUI would come installed by default on both the Live CD and a normal installation.

1. The GUI would have the following options. In all three cases, it would require Administrator rights (gksu) when not for your own home directory. It would have to allow looking at home directories on a different drive, e.g. when booting from a Live CD to recover from some problem.
(a) Synchronise password.
(b) Encrypt a home directory.
(c) Stop encrypting a home directory.
(d) View a home directory.
(e) Save recovery key on a file (e.g. USB drive).

Note: For changing the login password the normal way, I would want the system to automatically synchronise the home directory. Option (a) would be for when something goes wrong and recovery is required from the Live CD (a situation that I have encountered).

The options would work as follows. In all cases, prompt for Administrator access if not your own home directory. Naturally, there should be checks for nonsense requests, such as trying to encrypt a home directory that is already encrypted or trying to view a home directory that is already mounted (decrypted with ecryptfs).

[...]

(a) Synchronise password.
- Explain to the user what this option means (non-technical users may not realise that the password should match the login password).
- Prompt for:
* which home directory to change.
* its 32-character unlock key, which optionally can be a file from point (e). If already successfully mounted (e.g. the user's own home directory), then omit this step.
* the new (or current) login password.
- Change the password to the new one.

(b) Encrypt a home directory.
- Explaing to the user what this option means (specifically for non-technical users).
- Warn that backups should be taken first in case of problems.
- Prompt for:
* which home directory to change.
* the current login password (if possible, let the system validate this password).
- Display the 32-character unlock code and ask the user to save it safely away from his computer. Explain the importance of doing this. Provide the option of saving it as a file, e.g. on a USB drive -- see point (e). After the user has confirmed doing this...
- Encrypt the home directory (for the user's own home directory, set the mount points accordingly).

(c) Stop encrypting a home directory.
- Prompt for:
* which home directory to change.
* its 32-character unlock key, which optionally can be a file from point (e). If already successfully mounted (e.g. the user's own home directory), then omit this step.
- Stop encrypting the home directory (for the user's own home directory, modify the mount points accordingly).

(d) View a home directory.
- Prompt for:
* which home directory to view.
* its 32-character unlock key, which optionally can be a file from point (e).
- Mount the home directory.
- Display the mount point for the user.
- Open the mount point in Nautilus (or whatever default file management system is set for the installation).

(e) Save recovery key on a file (e.g. USB drive).
- Prompt for:
* which home directory.
* its 32-character unlock key, which optionally can be a file from point (e). If already successfully mounted (e.g. the user's own home directory), then omit this step.
* where to save the file (name and location). Clearly warn the user of the risks of keeping the file phsically near the computer. If the file already exists, warn about overwriting it.
- Save the 32-character unlock key in a simple text recovery file.

I would envisage that the GUI would come installed by default on both the Live CD and a normal installation.

1. The GUI would have the following options. In all three cases, it would require Administrator rights (gksu) when not for your own home directory. It would have to allow looking at home directories on a different drive, e.g. when booting from a Live CD to recover from some problem.
(a) Synchronise password.
(b) Encrypt a home directory.
(c) Stop encrypting a home directory.
(d) View a home directory.
(e) Save recovery key on a file (e.g. USB drive).

Note: For changing the login password the normal way, I would want the system to automatically synchronise the home directory. Option (a) would be for when something goes wrong and recovery is required from the Live CD (a situation that I have encountered).

The options would work as follows. In all cases, prompt for Administrator access if not your own home directory. Naturally, there should be checks for nonsense requests, such as trying to encrypt a home directory that is already encrypted or trying to view a home directory that is already mounted (decrypted with ecryptfs).

(b) Encrypt a home directory.
- Explaing to the user what this option means (specifically for non-technical users).
- Warn that backups should be taken first in case of problems.
- Prompt for:
* which home directory to change.
* the current login password (if possible, let the system validate this password).
- Display the 32-character unlock code and ask the user to save it safely away from his computer. Explain the importance of doing this. Provide the option of saving it as a file, e.g. on a USB drive -- see point (e). After the user has confirmed doing this...
- Encrypt the home directory (for the user's own home directory, set the mount points accordingly).

(c) Stop encrypting a home directory.
- Prompt for:
* which home directory to change.
* its 32-character unlock key, which optionally can be a file from point (e). If already successfully mounted (e.g. the user's own home directory), then omit this step.
- Stop encrypting the home directory (for the user's own home directory, modify the mount points accordingly).

(d) View a home directory.
- Prompt for:
* which home directory to view.
* its 32-character unlock key, which optionally can be a file from point (e).
- Mount the home directory.
- Display the mount point for the user.
- Open the mount point in Nautilus (or whatever default file management system is set for the installation).

(e) Save recovery key on a file (e.g. USB drive).
- Prompt for:
* which home directory.
* its 32-character unlock key, which optionally can be a file from point (e). If already successfully mounted (e.g. the user's own home directory), then omit this step.
* where to save the file (name and location). Clearly warn the user of the risks of keeping the file phsically near the computer. If the file already exists, warn about overwriting it.
- Save the 32-character unlock key in a simple text recovery file.

4
votes

See the 7 comments or propose a solution >>

Firewall activates when connected to unsecure network

Written by christopher_lees the 7 Jun 09 at 15:30. Related project: Network Manager. New

Many people don't bother to run a personal firewall on their computers, because they know their entire network is protected by the firewall in their ADSL router.

However, if they take their computer to a public wifi hotspot or connect to the internet via mobile broadband, they are no longer protected by their router, and any services that they were comfortable running on their home network will suddenly be exposed to strangers on the local wireless network or on the internet.

339
votes

Solution #1: UFW collaborates with NetworkManager

Written by christopher_lees the 7 Jun 09 at 15:30.

NetworkManager exposes its functionality to client programs through Dbus, so clients can be aware of network connectivity. It can also send signals to client programs on certain network-related events.

If NetworkManager connects to the following types of networks:

* Dial-up
* Mobile Broadband (3G, WiMax etc)
* Unsecured Wi-Fi
* WEP-protected network that is not the default connection

then UFW (Uncomplicated Firewall) will set itself to "block all incoming ports", for protection. This setting can be overridden or completely disabled.

On connection to an Ethernet network, WPA-secured WiFi or VPN, the connection is assumed to be safe behind a firewall, and UFW will return to previous settings.

Optionally, connection to any network EXCEPT the user's home network (or other user-specified "safe" network) triggers the raising of the firewall.

NetworkManager already communicates its status through Dbus, so the only code that would need to be touched would be in UFW.

-67
votes

137
votes

Solution #3: Incorporate firewall management in NetworkManager

Written by Lyset the 9 Jun 09 at 22:43.

Instead of writing another daemon/script to monitor dbus and toggle ufw it would be nice if some basic firewall rules can be controlled directly by NetworkManager and its applet.
This allows faster and more intelligent response to network events - integration as tight as it can be.
It would also be easy and intuitive for the user to access firewall settings through network applet without any need to install gufw or firestarter.

22
votes

39
votes

Solution #5: always on with auto off

Written by nloewen the 14 Jun 09 at 21:14.

Risk is danger multiplied by exposure so why not work at keeping exposure down. Keep all incoming ports locked down unless a process is using the port.
eg: I want to check for mail. The port is currently closed. I open evolution. The port used for email is automaticly opened, mail is received, the port is closed again.
an attacker would only have a 5-30s time slot while your receiving email before the port is closed again.

See the 9 comments or propose a solution >>

Lock down "About Me"

Written by HDave the 3 Apr 08 at 22:25. Global category: Security. New

The "About Me" utility under System->Preferences is a nifty way to store information like your name, phone number, etc.

Do many people use it? I think not. Why? Because you have NO idea which applications read this information and what they do with it.

Either allow me to control which applications read this information so I can restrict access on a field level or get rid of the thing entirely. For example, I do not want Pigin/IRC channels to have access to my home phone number, etc.

As it is, it has that creepy, privacy-invading feel of Windows that made me move to Ubuntu in the first place. Time to fix it or lose it.

257
votes

3
votes

See the 10 comments or propose a solution >>

Implement DNSSEC - avoid nasty DNS-hackers

Written by nandersson the 12 Jan 09 at 12:00. Global category: Security. New

DNSSEC is going to be the next "big thing" in DNS. Fedora is implementing it, Microsofts implements it in Windows 7 and Windows Server 2008 R2.

Ubuntu must have good support.

See http://fedoraproject.org/wiki/Features/DNSSEC for affected packages etc.

238
votes

See the 1 comments or propose a solution >>

1 2 3 4 5 6 7 8 9 ... Next >>

Submit your idea